Distributed Ledger Interface System for Background Verification of an Individual

ABSTRACT

Systems and methods are disclosed for using a distributed ledger interface system to facilitate background verification of an individual. One method may include, sending, by a server to a first device associated with a first organization, an indication that an individual is ending the membership to the first organization; unlocking access to an individual-specific data structure in a distributed ledger, wherein the individual-specific data structure allows storage of a plurality of data values corresponding to a plurality of background aspects of the individual, and wherein the distributed ledger is shared within a plurality of nodes within a network; providing, to a user device associated with the individual, a digital key to allow permission to access the individual-specific data structure; and granting, to a second computing device associated with a second organization, and based on a permission received from the user device, access to the individual-specific data structure.

TECHNICAL FIELD

Aspects of the disclosure generally relate to distributed ledgernetworks. In particular, various aspects of the disclosure include adistributed ledger interface system for background verification of anindividual.

BACKGROUND

In most industries, organizations often spend a significant amount ofmoney, time and effort in carrying out the background verification ofthe employees they hire. Furthermore, employees of organizations may beburdened with maintaining documentation (e.g., resume, transcripts,etc.) concerning the employees' credentials throughout their employmentto be able to present to each subsequent new employer. The documentationmay be based on credentials earned at, or remarks given by, a pluralityof distinct organizations (e.g., previous employers, educationalinstitutions, training centers, certificate programs, municipal bodies,credit rating agencies, etc.). Methods of verifying such documentationmay be unreliable, nontransparent, and tedious. These and othershortcomings are identified and addressed by the disclosure.

The present disclosure may address one or more of the shortcomingsdescribed above.

BRIEF SUMMARY

In light of the foregoing background, the following presents asimplified summary of the present disclosure in order to provide a basicunderstanding of some aspects of the features described herein. Thissummary is not an extensive overview of all of the features describedherein. The following summary merely presents some concepts in asimplified form as a prelude to the more detailed description providedbelow.

There is a desire for a reliable, transparent, and automated system andmethod for verifying this documentation as it relates to employment orverification of other credentials at the appropriate organizations.Furthermore, there is desire for a reliable, transparent, and automatedsystem and method for performing a background verification of anindividual, e.g., before hire. Systems and methods are described forusing a decentralized database platform designed as an immutable ledgershared among a plurality of nodes (e.g., a “distributed ledger”) tofacilitate background verification of an employee or other member of anorganization. Any entry of information into the distributed ledger mayrequire an approval by other nodes that share the distributed ledger soas to prevent fraud or entry of inconsistent information. Theinformation entered into the distributed ledger may be related tocredentials, remarks, and/or other data useful for assessing thecandidacy of an individual (e.g., an employee, a student, an intern, andextern, a fellow, a trainee, etc.) for an organization (e.g., anemployer, an educational or academic institution, etc.). The informationmay be categorized for example, into education credentials (e.g.,transcripts, grades, academic ranking, etc.), work experiencecredentials (e.g., previous employers, work history, job descriptions,projects, achievements, performance evaluations, reasons for endingemployment, etc.), legal records (e.g., criminal records, civil legalrecords, citizenship, work permits, etc.), online contributions, etc. Invarious aspects of the present disclosure, these categories ofcredentials, remarks, and contributions may be referred to as backgroundaspects, and the data entered to describe the background aspects may bereferred to as data values. Furthermore, the distributed ledger mayinclude a data structure for entering data values for background aspectsof an individual, and such a data structure may be referred to as, forexample, an “individual-specific data structure,” for simplicity. Theindividual-specific data structure may comprise blocks of immutable dataverified by various nodes of the distributed ledger, and shared amongthe various nodes. The nodes may comprise participants in the dataentry, data verification, data mining, and/or data accessing functionsof the distributed ledger, and the participants may include, forexample, the computing systems and devices associated with theorganizations or the individuals. A computing system, device, or server(“server”, “distributed ledger interface system” or “distributed ledgerinterface server”) may facilitate the data entry, data verification,data mining, and/or other use of the distributed ledger by the variousparticipants. The use of the distributed ledger and the security andaccessibility mechanisms explained herein may ease the burden oforganizations as they perform background verifications for individualcandidates, in accordance with systems and methods presented herein.

One example method comprises: sending, via a communication network, by adistributed ledger interface system having at least one processor and toa first computing device associated with a first organization, anindication that an individual that has membership to the firstorganization is ending the membership to the first organization;unlocking, based on a command received from the first computing device,access to an individual-specific data structure in a distributed ledger,wherein the individual-specific data structure allows storage of aplurality of data values corresponding to a plurality of backgroundaspects of the individual; wherein the individual-specific datastructure stores a first data value of the plurality of data valuescorresponding to a first background aspect of the plurality ofbackground aspects of the individual, and wherein the distributed ledgeris shared within a plurality of nodes within a network; providing, to auser device associated with the individual and based on the unlockedaccess, a digital key associated with the individual-specific datastructure to allow permission to access the individual-specific datastructure; and granting, to a second computing device associated with asecond organization, and based on a permission received from the userdevice, access to the individual-specific data structure.

In accordance with other embodiments of the present disclosure, themethod may further include prior to the sending the indication,creating, by the distributed ledger interface system via thecommunication network, the individual-specific data structure in thedistributed ledger, wherein the individual-specific data structurecomprises one or more blocks; receiving, from a computing deviceassociated with a node of the network, a request to enter the first datavalue corresponding to the first background aspect of the individual;hashing, based on a cryptographic algorithm associated with thedistributed ledger, the first data value; receiving a verification fromeach of the nodes of the network for the first data value; andrecording, in a first block of the one or more blocks of theindividual-specific data structure in the distributed ledger, the firstdata value corresponding to the first background aspect of theindividual.

In accordance with other embodiments of the present disclosure, anexample system comprises one or more processors; and a memory storingcomputer-executable instructions. When the computer-executableinstructions are executed by the one or more processors, the processorsmay cause the system to unlock access to an individual-specific datastructure in a distributed ledger. The individual-specific datastructure may allow storage of a plurality of data values correspondingto a plurality of background aspects of the individual. Theindividual-specific data structure may store a first data value of theplurality of data values corresponding to a first background aspect ofthe plurality of background aspects of the individual. Furthermore, thedistributed ledger may be shared within a plurality of nodes within anetwork. The plurality of nodes may include at least a first computingdevice associated with a first organization. When thecomputer-executable instructions are executed by the one or moreprocessors, the processors may further cause the system to: provide, toa user device associated with the individual and based on the unlockedaccess, a digital key associated with the individual-specific datastructure to allow the individual to control access to theindividual-specific data structure; grant, to a second computing deviceassociated with a second organization, and based on permission receivedfrom the user device, access to the individual-specific data structure;and send, via a communication network, to a first computing deviceassociated with the first organization, an indication that theindividual is ending membership to the first organization.

In accordance with other embodiments of the present disclosure, one ormore non-transitory computer readable media stores computer-executableinstructions. When these computer-executable instructions are executedby a computing device, the computing device may perform one or more ofthe methods described herein.

Other features and advantages of the disclosure will be apparent fromthe additional description provided herein.

The methods and systems of the above-referenced embodiments may alsoinclude other additional elements, steps, computer-executableinstructions, or computer-readable data structures. In this regard,other embodiments are disclosed and claimed herein as well. The detailsof these and other embodiments are set forth in the accompanyingdrawings and the description below. Other features and advantages willbe apparent from the description, drawings, and claims.

BRIEF DESCRIPTION OF THE DRAWINGS

A more complete understanding of the present invention and theadvantages thereof may be acquired by referring to the followingdescription in consideration of the accompanying drawing, in which likereference numbers indicate like features, and wherein:

FIG. 1 is a diagram of an example computing device and operatingenvironment in which one or more aspects described herein may beimplemented.

FIG. 2 illustrates a schematic diagram of an example network showing anexample distributed ledger interface system and other computing systemsand devices that interact with the example distributed ledger interfacesystem.

FIGS. 3-5 are flow diagrams for an example method that may be used toimplement aspects of the disclosure.

DETAILED DESCRIPTION

In the following description of the various embodiments, reference ismade to the accompanying drawings, which form a part hereof, and inwhich is shown by way of illustration, various embodiments of thedisclosure that may be practiced. It is to be understood that otherembodiments may be utilized.

As will be appreciated by one of skill in the art upon reading thefollowing disclosure, various aspects described herein may be embodiedas a method, a computer system, or a computer program product.Accordingly, those aspects may take the form of an entirely hardwareembodiment, an entirely software embodiment or an embodiment combiningsoftware and hardware aspects. Furthermore, such aspects may take theform of a computer program product stored by one or morecomputer-readable storage media having computer-readable program code,or instructions, embodied in or on the storage media. Any suitablecomputer readable storage media may be utilized, including hard disks,CD-ROMs, optical storage devices, magnetic storage devices, and/or anycombination thereof. In addition, various signals representing data orevents as described herein may be transferred between a source and adestination in the form of electromagnetic waves traveling throughsignal-conducting media such as metal wires, optical fibers, and/orwireless transmission media (e.g., air and/or space).

As discussed, performing background verification for an incomingindividual that seeks membership to an organization (e.g., an applicantfor a job position, a candidate for hiring, etc.) can be atime-intensive and costly process. Furthermore, individuals may beburdened with maintaining documentation concerning the individuals'credentials and other relevant data throughout their academic,vocational, and/or employment history to be able to present suchdocuments to each new organization. A distributed ledger interfaceserver, which interacts with a distributed ledger that maintains andtracks such data throughout the individual's academic, vocational,and/or employment history can help to ease the burden faced byorganizations and their individual members (e.g., employees, students,trainees, interns, externs, etc.).

FIG. 1 is a block diagram of an example computing device 101 in anoperating environment 100 in which one or more aspects described hereinmay be implemented. The computing device 101 or one or more componentsof computing device 101 may be utilized by any device, computing system,or server interacting with a distributed ledger, or with a distributedledger interface system, to perform the functions described herein. Forexample, the computing device 101 may be utilized by an operator of oneor more servers that facilitate the use of a distributed ledger toperform a background verification of an individual, e.g., upon or priorto hiring for employment. The one or more servers, which may be referredto as “distributed ledger interface system,” “distributed ledgerinterface server,” “interface system,” or “interface server” forsimplicity, may be an interface for various computing systems anddevices associated with organizations or individuals to interact with adistributed ledger (e.g., a blockchain) for one or more functionsdescribed herein. The one or more functions may include, for example,the entering of information as it pertains to an individual that may bea member of an organization (e.g., an employee) or a candidate for aposition at an organization, the verification of the information, theencryption or decryption of the information, results of a secondaryverification of the information (e.g., based on external sources), etc.

The computing device 101 may have a processor 103 for controllingoverall operation of the device 101 and its associated components,including RAM 105, ROM 107, input/output module 109, and memory 115. Asexplained above, the computing device 101, along with one or moreadditional devices (e.g., terminals 141, 151, 161, and 171, and securityand integration hardware 180) may correspond to any of multiple systemsor devices described herein, such as personal mobile or desktop devicesassociated with an individual (e.g., “user devices”); servers, computingsystems, and devices associated with an organization (“organizationcomputing device” or “organization computing system”); servers,computing systems, and devices associated with various institutions thatare sources of individual-specific data that are pertinent to backgroundverification for an individual (e.g., “data value source systems”); thedistributed ledger interface system; internal data sources; externaldata sources; and other various devices used to facilitate backgroundverification through a distributed ledger system. These variouscomputing systems may be configured individually or in combination, asdescribed herein, for receiving signals and/or transmissions from one ormore computing devices, the signals or transmissions including datavalues for various aspects of an individual's background (e.g.,“background aspects”), and metadata indicating the veracity orverification results for those data values.

Input/Output (I/O) 109 may include a microphone, keypad, touch screen,and/or stylus through which a user of the computing device 101 mayprovide input, and may also include, or be communicatively coupled to,one or more of a speaker for providing audio output and a video displaydevice (e.g., as in display 108) for providing textual, audiovisualand/or graphical output. Also or alternatively, the display device maybe separate from the input/output module 109 (e.g., as in display 108).Furthermore, display 108 may be used by a user of the computing device101 to view information stored in the distributed ledger 125.

The distributed ledger 125 may be a replicated version, an instance, ora view of a decentralized database platform storing immutableinformation (e.g., data values pertaining to background aspects) inblocks cryptographically linked to one another, e.g., via blockchaintechnology. Furthermore, the distributed ledger 125 may comprise ofvarious data structures pertaining to one or more individuals (e.g.,individual-specific data structures) as will be described herein.

The update interface 123 may comprise one or more database managementtools, applications, plug-ins, and/or code used to update databases(e.g., by creating, replacing, adding, and/or deleting data). Forexample, the update interface 123 may be used to enter information intothe distributed ledger 125.

Software may be stored within memory 115 and/or storage to provideinstructions to processor 103 for enabling device 101 to perform variousactions. For example, memory 115 may store software used by the device101, such as an operating system 117, application programs 119, and datapertaining to individual member of an organization or an individualcandidate applying for a position or role in an organization (e.g.,member/candidate data 120). The various hardware memory units in memory115 may include volatile and nonvolatile, removable and non-removablemedia implemented in any method or technology for storage of informationsuch as computer-readable instructions, data structures, program modulesor other data. Certain devices and systems within computing systems mayhave minimum hardware requirements in order to support sufficientstorage capacity, processing capacity, analysis capacity, networkcommunication, etc. For instance, in some embodiments, one or morenonvolatile hardware memory units having a minimum size (e.g., at least1 gigabyte (GB), 2 GB, 5 GB, etc.), and/or one or more volatile hardwarememory units having a minimum size (e.g., 256 megabytes (MB), 512 MB, 1GB, etc.) may be used in a device 101 (e.g., a distributed ledgerinterface system, a user device, an organization computing device, adata value source system, etc.), in order to receive and analyze thesignals, transmissions, etc., including receiving signals and/ortransmissions from one or more computing devices. The signals ortransmissions may include individual-specific data values for variousaspects of an individual's background that could be used to assess theindividual's candidacy for a role or position within an organization andwhich can be verified according to systems and methods presented herein.The signals or transmissions may further include ratings and otherindicia to measure the veracity, reliability, or accuracy of specificdata values for the background aspects, based on verification results.The signals or transmissions may further include queries or requests todata value source systems to verify one or more data values entered inthe distributed ledger or self-reported by the individual, and mayfurther include responses to the queries or requests. Furthermore, thesignals and transmissions may include requests to participating devicesat various nodes of a distributed ledger to approve data to be enteredinto the distributed ledger, responses to these requests, and encryptionor decryption results.

Memory 115 also may include one or more physical persistent memorydevices and/or one or more non-persistent memory devices. Memory 115 mayinclude, but is not limited to, random access memory (RAM) 105, readonly memory (ROM) 107, electronically erasable programmable read onlymemory (EEPROM), flash memory or other memory technology, CD-ROM,digital versatile disks (DVD) or other optical disk storage, magneticcassettes, magnetic tape, magnetic disk storage or other magneticstorage devices, or any other medium that can be used to store thedesired information and that can be accessed by processor 103.

Processor 103 may include a single central processing unit (CPU), whichmay be a single-core or multi-core processor (e.g., dual-core,quad-core, etc.), or may include multiple CPUs. Processor(s) 103 mayhave various bit sizes (e.g., 16-bit, 32-bit, 64-bit, 96-bit, 128-bit,etc.) and various processor speeds (ranging from 100 MHz to 5 GHz orfaster). Processor(s) 103 and its associated components may allow thecomputing device 101 to execute a series of computer-readableinstructions, for example, receiving signals and/or transmissionsdescribed herein from one or more computing devices.

The computing device 101 may operate in a networked environment 100supporting connections to one or more remote computers, such asterminals 141, 151, 161, and 171. Such terminals may be user devicesbelonging to individual members of an organization or individualcandidates who seek to join an organization and may undergo backgroundverification (e.g., user device 171). The user devices may include, forexample, mobile communication devices, mobile phones, tablet computers,touch screen display devices, etc. The terminals may further includeorganization computing systems 141, e.g., for their respectiveorganizations. In some aspects, organization computing systems may beused by the organizations to review or verify an individual member's oran individual candidate's self-reported profile (e.g., resume,curriculum vitae, transcripts, legal information, online profile, etc.),or information obtained from data value source systems, and/orinformation recorded in the distributed ledger. Furthermore, theorganization computing systems 141 may be used to record additionalinformation pertaining to the individual into the distributed ledger,e.g., via the distributed ledger interface system, or to performverification of information already recorded in the distributed ledger.The terminals may further include data value source systems 161, such ascomputing systems or servers of educational institutions that issuetranscripts and other academic assessments for individuals, governmentalor municipal offices that hold legal information (e.g., citizenshipinformation, civil and criminal records, etc.) pertaining to theindividual, road safety offices, credit rating agencies, and the like. Adata value source system 161 may act as a source for data values forvarious background aspects of an individual member of an organization oran individual candidate for a role or position in an organization. Aterminal may include the distributed ledger interface server 151, whichmay facilitate the use of a distributed ledger to perform backgroundverification for an individual.

The network connections depicted in FIG. 1 include a local area network(LAN) 132, a wide area network (WAN) 130, and a wirelesstelecommunications network 133, but may also include other networks.When used in a LAN networking environment, the computing device 101 maybe connected to the LAN 132 through a network interface or adapter 129.When used in a WAN networking environment, the device 101 may include amodem 127 or other means for establishing communications over the WAN130, such as network 131 (e.g., the Internet). When used in a wirelesstelecommunications network 133, the device 101 may include one or moretransceivers, digital signal processors, and additional circuitry andsoftware for communicating with terminals 141, 151, 161, and 171 via oneor more network devices 135 (e.g., base transceiver stations) in thewireless network 133.

Also illustrated in FIG. 1 is a security and integration layer 180,through which communications are sent and managed between the device 101and the remote devices (141, 151, 161, and 171) and remote networks(130-133). The security and integration layer 180 may comprise one ormore separate computing devices, such as web servers, authenticationservers, and/or various networking components (e.g., firewalls, routers,gateways, load balancers, etc.), having some or all of the elementsdescribed above with respect to the computing device 101. As an example,a security and integration layer 180 of a computing device 101 maycomprise a set of web application servers configured to use secureprotocols and to insulate the device 101 from external devices 141, 151,161, and 171. In some cases, the security and integration layer 180 maycorrespond to a set of dedicated hardware and/or software operating atthe same physical location and under the control of same entities asdevice 101. For example, layer 180 may correspond to one or morededicated web servers and network hardware in distributed ledgerinterface system, information datacenter or in a cloud infrastructuresupporting cloud-based functions for the distributed ledger. In otherexamples, the security and integration layer 180 may correspond toseparate hardware and software components which may be operated at aseparate physical location and/or by a separate entity.

As discussed below, the data transferred to and from various devices inthe operating environment 100 may include secure and sensitive dataobtained with permission of a user, such as confidentialindividual-specific data values (e.g., credentials, remarks, legalrecords, etc.) for various background aspects (e.g., previousemployment, academic and/or training aspects, legal information (e.g.,criminal and civil legal records, etc.), online profile, confidentialself-reported data from individual members of an organization orcandidates for a position in an organization, and confidential dataverifying and/or questioning the veracity of other confidential data.Therefore, it may be desirable to protect transmissions of such data byusing secure network protocols and encryption, and also to protect theintegrity of the data when stored on the various devices within asystem, such as the computing devices in the system 100, by using thesecurity and integration layer 180 to authenticate users, organizations,and data value source systems and restrict access to unknown orunauthorized users. For example, the security and integration layer 180may be used to restrict information to participant devices of nodes inwhich the distributed ledger is shared. In various implementations,security and integration layer 180 may provide, for example, afile-based integration scheme or a service-based integration scheme fortransmitting data between the various devices in an electronic displaysystem 100. Data may be transmitted through the security and integrationlayer 180, using various network communication protocols. Secure datatransmission protocols and/or encryption may be used in file transfersto protect the integrity of the data, for example, File TransferProtocol (FTP), Secure File Transfer Protocol (SFTP), and/or Pretty GoodPrivacy (PGP) encryption. In other examples, one or more web servicesmay be implemented within the various devices 101 in the system 100and/or the security and integration layer 180. The web services may beaccessed by authorized external devices and users to support input,extraction, and manipulation of the data (e.g., into distributed ledger125) by the various devices 101 in the system 100. In still otherexamples, the security and integration layer 180 may include specializedhardware for providing secure web services. For example, secure networkappliances in the security and integration layer 180 may includebuilt-in features such as hardware-accelerated SSL and HTTPS,WS-Security, and firewalls. Such specialized hardware may be installedand configured in the security and integration layer 180 in front of theweb servers, so that any external devices may communicate directly withthe specialized hardware.

Although not shown in FIG. 1, various elements within memory 115 orother components in system 100, may include one or more caches, forexample, CPU caches used by the processing unit 103, page caches used bythe operating system 117, disk caches of a hard drive, and/or databasecaches used to cache content from database 121. For embodimentsincluding a CPU cache, the CPU cache may be used by one or moreprocessors in the processing unit 103 to reduce memory latency andaccess time. In such examples, a processor 103 may retrieve data from orwrite data to the CPU cache rather than reading/writing to memory 115,which may improve the speed of these operations. In some examples, adatabase cache may be created in which certain data from a database 121is cached in a separate smaller database on an application serverseparate from the database server. For instance, in a multi-tieredapplication, a database cache on an application server can reduce dataretrieval and data manipulation time by not needing to communicate overa network with a back-end database server.

It will be appreciated that the network connections shown areillustrative and other means of establishing a communications linkbetween the computers may be used. The existence of any of variousnetwork protocols such as TCP/IP, Ethernet, FTP, HTTP and the like, andof various wireless communication technologies such as GSM, CDMA, WiFi,and WiMAX, is presumed, and the various computing devices in the systemcomponents described herein may be configured to communicate using anyof these network protocols or technologies.

FIG. 2 illustrates a schematic diagram showing an example networkenvironment and computing systems (e.g., devices, servers, applicationprogram interfaces (APIs), etc.) that may be used to implement aspectsof the disclosure. At a high level the network environment 200 maycomprise a user device associated with an individual (e.g., user device202); a plurality of computing systems, servers, or devicescorresponding to a plurality of organizations (e.g., organizationcomputing system(s) 220); one or more computing systems, servers ordevices corresponding to institutions or sources that may function asthe source for individual-specific data for background aspects of anindividual (e.g., data value source system(s) 240); and a server,device, or computing system for facilitating the interaction between thevarious computing systems and a distributed ledger for performingvarious functions described herein (e.g., distributed ledger interfaceserver 270). The above described computing systems of the networkenvironment may be interconnected over a communications network 268.

The communication network 268 may comprise one or more informationdistribution networks of any type, such as, without limitation, atelephone network, a wireless network (e.g., an LTE network, a 5Gnetwork, a WiFi IEEE 802.11 network, a WiMAX network, a satellitenetwork, and/or any other network for wireless communication), anoptical fiber network, a coaxial cable network, and/or a hybridfiber/coax distribution network. The communication network 268 may use aseries of interconnected communication links (e.g., coaxial cables,optical fibers, wireless links, etc.) to facilitate communicationbetween the distributed ledger interface server 270, the user device202, the organization computing system(s) 220, and the data value sourcesystem(s) 240. Each of the above-described systems may function on oneor more computing systems or devices. In some aspects, one or more ofthe above described systems and servers may be connected; be a part ofanother one of the above-described systems and servers; or becomponents, features, or functions of a larger computing system.

The one or more computing systems or devices of the above-describedsystems (e.g., the distributed ledger interface server 270, the userdevice 202, the organization computing system(s) 220, and the data valuesource system(s) 240) may include, for example, desktops, servers, smartphones, tablets or laptop computers with wired or wireless transceivers,tablets or laptop computers communicatively coupled to other deviceswith wired or wireless transceivers, and/or any other type of deviceconfigured to perform the functions described herein and to communicatevia a wired or wireless network. The computing systems or devices mayinclude one or more of the components of computing device 101,illustrated in FIG. 1. For example, the computing systems or devices mayinclude at least a processor and a communication interface (e.g., anetwork interface) to communicate with one another.

The user device 202 may comprise a mobile communication device, a mobilephone, a tablet computer, or a touch screen display device, etc., andmay be associated with an individual who may be a member (e.g., anemployee, an intern, an extern, a trainee, a fellow, a student, etc.) ofan organization (e.g., an employer, an educational or vocationalinstitution, etc.) or an individual who may be a candidate for a role ora position within an organization. User device 171, as shown in FIG. 1may be an example of user device 202. As described in relation tocomputing device 101 of FIG. 1, an example user device 202 may includevolatile, non-volatile, and/or hard disk memory (e.g., memory 115) forstoring information. The memory may store applications, such as abackground verification (BGV) application 206 for performing backgroundverification using the distributed ledger interface system 270.

The BGV application 206 may be hosted, managed, and/or facilitated bythe distributed ledger interface server 270 (e.g., via the backgroundverification (BGV) application program interface (API) 281), as will bedescribed herein. Furthermore, the BGV application 206 may be the sameas, or at least share one or more functionalities with, BGV application224 of the organization computing system(s) 220, or the BGV applications246 and 258 of the data value source system(s) 240, and may also behosted by the BGV API 281. The BGV application 206 may use or beimplemented upon a user interface (UI) 204 of the user device 202. TheUI 204 may facilitate the exchange of information with the distributedledger interface server 270 and the organization computing system(s) 220to allow the organization computing system(s) 220 to perform thebackground verification of the individual associated with the userdevice 202. The UI 204 may include a display (e.g., as in display 108 ofcomputing device 101 in FIG. 1). For example, the display may be used topresent information stored in the distributed ledger 290.

Also or alternatively, the user device 202 may comprise or show areplication of the distributed ledger 290 as distributed ledger 216. Forexample, the individual may be allowed to see certain aspects of thedistributed ledger 290 (e.g., the individual-specific data structure 291associated with the individual) and may be allowed to access areplication of the distributed ledger 290, distributed ledger 216, whichhas the individual-specific data structure. Furthermore, as a nodeparticipant of the distributed ledger, the individual may control theaccess to the distributed ledger for other devices and systems by usingthe digital key 208. As will be discussed further herein, the digitalkey may be generated by the distributed ledger interface server 270(e.g., via digital key generator 280) and may be provided to the userdevice via the BGV application 206. The digital key may be any form ofdigital signature employing cryptography to provide validation andsecurity. For example, the individual may be a candidate for a role or aposition at an organization. The individual may use the digital key togrant permission to an organization computing system 220 of thatorganization, so that the organization has access to theindividual-specific data structure of the individual in order to performbackground verification of the individual. The digital key may be basedon a use of a public key (e.g., allowing encryption of a message) and aprivate key (e.g., allowing a decryption of the message), or acombination thereof, as will be described herein. The public and privatekey may utilize robust cryptographic algorithms to assure theconfidentiality and authenticity of electronic communications and datastorage.

The individual may build a self-reported profile 210, which may compriseself-reported information pertinent to the candidacy for a role orposition within an organization. The self-reported profile may comprise,or may be based on, one or more of a resume, curriculum vitae,self-reported grades or performance evaluations, a cover letter, a worksample, a recommendation, an online profile, etc. The self-reportedprofile may be stored in the memory of the user device 202.

The user device 202 may further comprise an input/output module 214 toallow the user to input information (e.g., via a keyboard, touchscreen,microphone, etc.), or receive output information (e.g., via externalspeakers or other peripherals). Input/output module 109 of computingdevice 101 in FIG. 1 may be an example of input/output module 214.Furthermore, a network interface 212 may facilitate communication withother computing devices and systems in environment 200 overcommunication network 268.

The organization computing system(s) 220 may include one or morecomputing systems, devices, or servers corresponding to one or moreorganizations (e.g., employers, educational institutions, etc.). Forexample, in the context of systems and methods described herein, oneorganization computing system may be associated with an organization inwhich the individual may be a member of, and another organizationcomputing system may be associated with an organization for which theindividual is seeking a role or position within. Thus, an organizationcomputing system 220 may keep track of the members of the organizationassociated with the organization computing system 220, e.g., via amember profiles database 226. Furthermore, an organization computingsystem 220 may keep track of candidates applying for roles or positionswithin the organization, e.g., via a candidate profiles database 228.

The organization computing system device 141, as shown in FIG. 1 may bean example of an organization computing system 220. As described inrelation to computing device 101 of FIG. 1, an example organizationcomputing system 220 may include volatile, non-volatile, and/or harddisk memory (e.g., memory 115) for storing information. The memory maystore applications, such as BGV application 224 for performing variousmethods described herein for performing background verification usingthe distributed ledger interface system 270. The BGV application 224 maybe the same as, or at least share one or more functionalities with, BGVapplication 206 of the user device 220, and may also be hosted by theBGV API 281. The BGV application 224 may use or be implemented upon auser interface (UI) 222 to facilitate the exchange of information withthe distributed ledger interface server 270, the user device 202, otherorganization computing systems, and data value source systems 240 toallow the organization computing system to perform the backgroundverification of the individual associated with the user device 202. TheUI 222 may include a display. For example, the display may be used topresent information stored in the distributed ledger 290. Also oralternatively, the organization computing system 220 may comprise orshow a replication of the distributed ledger 290 as distributed ledger234, based on the organization being a participant node in one or moreindividual-specific data structures of the distributed ledger. In someaspects, the organization computing system 220 may be made a nodeparticipant of the individual-specific data structure, and thus be givenaccess to a replica 234 of the distributed ledger 290, after receivingpermission (e.g., a public digital key) from a preexisting nodeparticipant (e.g., the user device of the individual associated with theindividual-specific data structure).

The organization computing system 220 may further comprise aninput/output module 232 to allow the organization to input information(e.g., via a keyboard, touchscreen, microphone, etc.), or receive outputinformation (e.g., via external speakers or other peripherals).Furthermore, a network interface 230 may facilitate communication withother computing devices and systems in environment 200 overcommunication network 268.

The data value source systems 240 may comprise computing systems,servers, and/or devices associated with organizations that provided orserved as the original source for data values for background aspects ofan individual in the individual-specific data structure. For example, aregistrar computing system associated with a college can be the datavalue source system for a course grade recorded in theindividual-specific data structure because the college registrar was theoriginal source for generating the grade. Example data value sourcesystems 240 may include the educational institution computing system 242and the municipal office computing system 256. More or fewer data valuesource systems may be used without departing from the invention. Each ofthese data value source systems 240 may include a UI (e.g., UI 244 and257), and applications (e.g., BGV apps 246 and 258), a network interface(e.g., network interfaces 248 and 260), and an input/output module(e.g., input/output modules 250 and 262), performing functions similarto the analogous or the similar components in the user device 202 andorganization computing systems 220, as explained previously.

The data value source systems 240 may be contacted to perform asecondary verification of data values stored in the individual-specificdata structure associated with the individual. A query engine (e.g.,query engines 254 and 266) may assist in the secondary verification bysearching for original records to verify a data value (e.g., a grade, acriminal conviction, etc.) recorded in the individual-specific datastructure of the individual. The original records may include, forexample, transcripts of the individual stored in a transcripts database252 in the educational institution computing system 242, or criminalrecords stored in a criminal records database 264 in the municipalcomputing system 256.

The distributed ledger interface server 270 may comprise one or morecomputing systems or servers managing the interactions between theabove-described systems (e.g., the distributed ledger interface server270, the user device 202, the organization computing system(s) 220, andthe data value source system(s) 240) and the distributed ledger 290 toperform one or more functions for background verification describedherein. The distributed ledger interface server 270 may be an example ofcomputing device 101 shown in FIG. 1. At a high level, the distributedledger interface server 270 may comprise one or more databases (e.g.,individuals database 271, nodes database 272, and/or organizationsdatabase 276, etc.), a linking engine 273, an update interface 274, abackground verification (BGV) application program interface (API) 281 tohost or manage background verification applications 206, 224, 246 and258; a natural language processing (NLP) system 278, a geolocationand/or geocoding APIs (“geo API”) 277, an encryption/decryption system279, a digital key generator 280, and a network interface 275. Theindividuals database 271 may store identifiers and/or profiles forindividuals using the distributed ledger interface server to facilitatebackground verification. The nodes database 272 may be used to identifynode participants of a given individual-specific data structure withinthe distributed ledger 290. The list of node participants may expand,contract, or be otherwise updated, based on which devices may be grantedpermission to access and/or otherwise contribute to the informationstorage of an individual-specific data structure. The node participantsmay include one or more computing systems and devices of environment200. The organizations database 276 may store a list of identifiers oforganizations, e.g., by the identifiers of the correspondingorganization computing systems 220.

The update interface 274 and linking engine 273 may form a databasemanagement application, software, or plug-in that may be used to performcreate, read, update, or destroy (CRUD) functions with respect to datastored in the one or more databases. For example, the linking engine 273may be used to form associations or link suitable data from differentdatabases together, and/or to create new data based on associations orlinkages. The update interface 274 may be used to update databases(e.g., by adding or deleting) data stored in the one or more databasesbased on instructions from other parts of the distributed ledgerinterface server 270 (e.g., computer readable instructions stored inmemory of the BGV API 281) or information received from one or moreother systems and devices of environment 200 (e.g., user device 202,organization computing systems 220, data value source systems 240,etc.). Furthermore, the update interface 274 may be used to enterinformation into the distributed ledger 290.

The distributed ledger 290 may be a database, repository, or ledger thatmay be updated by storing information using block chain technology andmay comprise a plurality of individual-specific data structures 291 thatmay be replicated and available in a plurality of computing systems anddevices (e.g., as in distributed ledger 216, distributed ledger 234,etc.). Each individual-specific data structure 291 may use a block chainapproach (e.g., validation, cryptographic encryption, mining, etc.) toadd individual-specific data pertaining to background aspects of anindividual. For example, each individual-specific data structure maycomprise one or more blocks (e.g., blocks 292A-292C), and may be createdor extended by blocks linked to one another. If participant nodes of theindividual-specific data structure request data values to be entered,the requested data values may be hashed, e.g., based on a cryptographicalgorithm associated with the distributed ledger 290 and/or theindividual-specific data structure 291. Before each data value can beentered, the data value may need to be verified from each of theparticipant nodes of the individual-specific data structure in which thedata value is requested to be entered. After the verification, the datavalue may be entered into the individual-specific data structure as ablock (e.g., block 292C comprising data value 294C) linked to apreviously entered block (e.g., block 292B comprising data value 294B).

Furthermore, each individual-specific data structure may havepredetermined participant computing devices or systems (e.g., “nodes,”“node participants,” “participant nodes,” etc.) that may be able toaccess, validate, and/or view data entered in the individual-specificdata structure. For example, an individual-specific data structure foran individual member of a first organization who desires to join asecond organization may have, as its node participants, the user deviceassociated with the individual, the organization computing systemassociated with the first organization, and the organization computingsystem associated with the second organization. Each node participantmay be able to access, validate, and/or view data associated with theindividual-specific data structure via a replicated distributed ledgeron their respective device (e.g., as in distributed ledger 216,distributed ledger 234, etc.)

Information entered into the distributed ledger 290 may be encrypted bythe encryptor/decryptor 279, and verified by one or more nodeparticipants of the distributed ledger prior to being recorded in thedistributed ledger 290. The node participants for anyindividual-specific data structure within the distributed ledger 290 maybe specified and/or determined from the nodes database 272. Thedistributed ledger 290 may include one or more individual-specific datastructure(s) 291 for one or more individuals. An individual-specificdata structure 291 may be used to store information related to anindividual that is relevant to the individual's membership to anorganization or candidacy for a position or a role in an organization.The information may be added into the individual-specific data structureas a data value 294A-294C in blocks 292A-292C. Prior to each data valuebeing added into the distributed ledger, the data value may be verifiedand encrypted in accordance with methods presented herein. Each block,which stores a data value that has been entered, may be linked to apreviously entered block of data value, so as to make the enteredinformation immutable and indelible. Furthermore, since each data valuemay be verified by participant nodes of the individual-specific datastructure 291, the information entered may be transparent and undisputedamong the participant nodes of a given individual-specific datastructure 291.

The BGV API 281 of the distributed ledger interface server 270 maymanage, host, and/or facilitate the applications 206, 224, 246, and 258running on user device 202, organization computing systems 220,educational computing system 242, and municipal computing system 256,respectively. The BGV API 281, through applications 206, 224, 246, and258, may help to facilitate background verification for an individualvia the distributed ledger interface system. For example, indicationssent by the user device 202 to the organization computing system 220 toindicate that an individual is resigning from an organization, orpermissions granted by the user device 202 to an organization computingsystem 220 to access an individual-specific data structure 292, may besent via the BGV app 206, and managed by the BGV API 281. In such andlike examples, the BGV API 281 may allow the distributed ledgerinterface server 270 to receive and/or relay the indications,permissions, and other messages between one device to another device inenvironment 200.

The BGV API 281, may utilize one or more of the databases of distributedledger interface server 270, facilitate the exchange of informationbetween the distributed ledger interface server 270 and one or moreother computing systems and devices of environment 200, and may manageone or more functions of the systems and components of distributedledger interface server 270. For example, the BGV API 281 may relaynotifications of an individual ending membership to one organization;enabling the first organization to unlock access to theindividual-specific data structure in the distributed ledger that isassociated with the individual; generating and sending a digital key tothe user device associated with the individual; allowing the individualto have another organization access the individual-specific datastructure by way of the digital key; resetting and/or generating a newdigital key; and facilitating secondary verification of data values forvarious background aspects associated with the individual by queryingthe data value source systems for information. Furthermore, the BGV API281 may allow respective node participants of an individual-specificdata structure of the distributed ledger to interact with thedistributed ledger (e.g., by creating, validating, and/or accessinginformation recorded in the distributed ledger).

The geolocation and/or geocoding APIs (“geo API” 277) may be used toidentify or estimate a real-world geographic location of a premiseassociated with an organization (e.g., an office, a factory, a farm, awarehouse, a school, etc.). The geo API 277 may be used with otherapplications (e.g., to initially identify a physical premise associatedwith an organization), or may be used in reverse (e.g., to determine theidentity of a premise based on an inputted real-world geographiclocation).

The NLP system 278 may include various processors, libraries, andAI-based systems (e.g., machine learning (ML) tools 264) to analyze andconvert natural language to one that could result in a computing systemto perform substantive functions (e.g., to determine the job duty of anindividual at an organization after parsing a resume). The NLP system278 may be guided by a library and/or databases and AI-based tools forvarious uses in natural language processing, including the undergoing ofsupervised and unsupervised learning from language data. The NLP system278 may support tasks, such as tokenization, sentence segmentation,part-of-speech tagging, named entity extraction, chunking, parsing, andcoreference resolution. These tasks may be needed to build more advancedtext processing services.

The encryptor/decryptor 279 may be a plug-in, application, API, orprogram tool for encrypting or decrypting data values, e.g., for beingrecorded in the distributed ledger 290. The digital key generator 280may be a plug-in, application, API, or program tool for generating adigital key based on one or more cryptographic algorithms (e.g.,symmetric key algorithms, public key algorithms, etc.). The digital keygenerator 280 may be used to generate a digital key to send to the userdevice. The individual may grant other devices and systems permission toaccess an individual-specific data structure associated with theindividual by sending the digital key (e.g., a public digital key) tothe intended recipient device or system (e.g., an organization computingsystem associated with an organization in which the individual likes tojoin).

Furthermore, network interface 275 may facilitate communication withother computing devices and systems in environment 200 overcommunication network 268.

FIGS. 3-5 illustrate example flow diagrams that may be used to implementaspects of the disclosure. For examples, each of FIGS. 3-5 may refer tovarious stages of an example method for performing a backgroundverification using a distributed ledger interface system. Method 300 maybe performed by the distributed ledger interface server 270 shown inFIG. 2 and/or computing device 101 shown in FIG. 1. For simplicity,“distributed ledger interface server” may be used to refer to theperformer of one or more steps of methods 300-500. Other devices andsystems described in FIG. 2 may perform one or more steps as specified.Further, one or more steps described with respect to FIGS. 3-5 may beperformed in an order other than the order shown and/or may be omittedwithout departing from the invention.

Referring now to FIG. 3, method 300 may begin when the distributedledger interface server 270 receives an indication that an individualwho is a member of an organization (e.g., an employee of theorganization) is ending membership to the organization. For example, themember may be an employee whose employment may have been terminated, orthe employee may be voluntarily resigning. The member may indicate theending of the membership through sending a notification via the BGV app206 on the user device 202. The indication may be relayed to theorganization computing system associated with the organization fromwhich the individual is ending membership (e.g., one of organizationcomputing system(s) 220). For simplicity, this organization may bereferred to as the “first organization,” and the associated computingsystem may be referred to as “first organization computing system.” Thedistributed ledger interface server 270, which may comprise the BGV API281 hosting BGV app 206 may receive the indication, and may facilitatethe sending of the indication to the first organization computingsystem. Thus, at step 302, the distributed ledger interface server 270may relay, to the first organization computing system, the indicationthat the individual who is a member of the first organization is endingmembership.

After receiving the indication, the first organization computing systemmay select to unlock access to the individual-specific data structure291 associated with the individual in the distributed ledger 290. Accessto the individual-specific data structure 291 may be previously lockedduring the course of the individual's employment at the firstorganization for security, since the individual-specific data structuremay store sensitive and/or confidential information about theindividual. In some implementations, the first organization computingsystem may be instructed or otherwise be in an obligation (e.g., as peremployment agreement) to unlock access to the individual-specific datastructure 291 in the distributed ledger, e.g., to allow for jobmobility, since other potential employers may need to see theinformation stored in the individual-specific data structure beforehiring the individual. The first organization computing system mayselect to unlock access on BGV app 224, hosted by BGV API 281 on thedistributed ledger interface server 270. The selection may be registeredas an executable command.

At step 304, the distributed ledger interface server 270 may receive thecommand to unlock access to the individual-specific data structure 291in the distributed ledger. Based on the command, the distributed ledgerinterface server 270 may unlock the individual-specific data structure(e.g., as in step 306).

At step 308, the distributed ledger interface server 270 may send adigital key to the user device 202 associated with the individual. Thedigital key may be received via the BGV app 206 of the user device 202.The digital key may be any form of digital signature employingcryptography to provide a layer of validation and security for one ormore requests, such as the request by the organization computing systemof another organization to access the individual-specific data structure291 associated with the individual. For simplicity, an organization forwhich the individual is a candidate may be referred to as the “secondorganization” and its organization computing system may be referred toas the “second organization computing system.” In some aspects, thedigital key may be available to the individual (e.g., stored on the userdevice) prior to the user device sending of the indication of endingmembership. For example, the process of the second organization (e.g.,an employer for which an organization has applied to for a role or aposition) performing a background check for the individual may beginbefore the individual has given notice to the individual's currentemployer. Based on the results of the background check, the individualmay appropriately decide whether or not to inform the individual'scurrent employer of ending membership to the current employer. Thedigital key can be generated and sent to the user device before theindividual has decided whether to end membership to the firstorganization.

Also or alternatively, a new digital key may be generated and sent tothe user device after the sending of the indication of endingmembership.

It is contemplated that the individual, e.g., in the hopes of securingnew employment, may inform the second organization of backgroundinformation recorded in the individual-specific data structure. Also oralternatively, the second organization may have been made aware ofbackground information about the individual recorded in theindividual-specific data structure. Thus, the second organization, viathe second organization computing system, may request to access theindividual-specific data structure, e.g., via BGV app 224 hosted by BGVAPI 281 of the distributed ledger interface server 270. At step 310, thedistributed ledger interface server 270 may relay the request to accessthe individual-specific data structure to the user device associatedwith the individual.

The digital key may be used to grant the second organization computingsystem access to the individual-specific data structure (e.g., as instep 312). For example, a private key and public key may be generated bythe digital key generator 280 of the distributed ledger interface server270, and may be sent to the user device 202. In order to grant thesecond organization computing system the request to access theindividual-specific data structure 291, the individual mayelectronically sign a permission to access the individual-specific datastructure 291 using the private key, and may send the signed permissionalong with a public key to the second organization computing system. Thesecond organization computing system may use the public key to validatethe signed permission to access the individual-specific data structure.In some aspects, the exchange of the one or more digital keys betweenthe distributed ledger interface server 270, the second organizationcomputing system 220, and the user device 202, the request from thesecond organization computing system 220, and the granting of therequest by the user device 202 may be performed via apps 224 and 246,hosted by BGV API 281 of the distributed ledger interface server 270.

In some aspects, the distributed ledger interface server 270 may monitorthe digital key to determine whether it has been used, e.g., to accessthe individual-specific data structure (e.g., as in step 314). If used,the distributed ledger interface server 270 may generate and send a newdigital key to the user device 202 at step 316. Generating a new digitalkey after use may further strengthen security and restrict access to theindividual-specific data structure 291. If the digital key has not beenused yet, the distributed ledger interface server 270 may wait for thesecond organization computing system 220 to access theindividual-specific data structure using the digital key (e.g., publickey provided by the user device).

After the second organization computing system has accessed theindividual-specific data structure 292 associated with the individual,the distributed ledger interface server 270 may facilitate one or morefunctions for verifying various background information about theindividual stored in the individual-specific data structure. Forexample, the individual may have presented a self-reported profile ofthe individual to the second organization, e.g., in the hopes ofsecuring employment. The self-reported profile may be based on, or maycomprise, one or more of a cover letter, a resume, a curriculum vitae,an online profile, a work sample, a recommendation, a referral, aself-reported grades or performance evaluation, etc. In at least oneaspect, the second organization may want to compare the self-reportedprofile of the individual to the data values stored in theindividual-specific data structure. For example, the second organizationmay want to determine whether an applicant's resume matches up to actualinformation about the applicant recorded by previous employers andeducational institutions on the distributed ledger. The secondorganization may, via the BGV app 224 of the organization computingsystem 220, request to review the self-reported profile of theindividual with the individual-specific data structure associated withthe individual.

Thus, at step 318, the distributed ledger interface server 270 maydetermine whether it has received the request to review the individual'sself-reported profile against individual-specific data structure. Ifthere is such a request, the distributed ledger interface server 270 mayparse the self-reported profile of the individual to identify datavalues corresponding to background aspects (e.g., as in step 320). Forexample, the NLP system 278 may process the natural language text ofvarious documents (e.g., resume, cover letter, etc.) submitted by anemployee seeking a position or role in the second organization. The NLPsystem 278 may use learned data and machine learning algorithms torecognize terms and phrases that correspond to data values for one ormore background aspects (e.g., “3.7” for “GPA” or “Berkeley” for“Educational Institution”). Each identified data value for acorresponding background aspect may be compared to the data valuerecorded in the individual-specific data structure (e.g., as in step322). For example, the data value “3.7” for a background aspect of “GPA”may be compared to a recorded value of “3.49” in the individual-specificdata structure. The distributed ledger interface server 270 maydetermine whether there is a match in the data values (e.g., whether thedata values satisfy a similarity threshold) at step 324. If there is nomatch (e.g., the data values fail to satisfy the similarity threshold),the distributed ledger interface server 270 may indicate this to thesecond organization computing system at step 326. For example, thesecond organization may receive a notification via BGV app 224 that thereview of the self-reported profile of the individual failed at least onthe background aspect corresponding to the data values that failed tomatch.

If the identified data value corresponding to the background aspect doesmatch the data value recorded in the individual-specific data structure,however, the distributed ledger interface server may continue comparingother identified data values (e.g., see steps 334 and 332). If there areno more remaining data values identified from the parsing of theself-reported profile, the distributed ledger interface server 270 maynotify the completion of the verification. e.g., on BGV app 246 of thesecond organization computing system 220 and/or BGV app 206 of the userdevice 202 at step 336.

It may be possible that the individual-specific data structure has thewrong data value recorded and/or the self-reported profile has thecorrect data value. Thus, in some aspects, the second organization mayseek to double check whether information about the individual recordedin the individual-specific data structure of the distributed ledger isaccurate (e.g., a “secondary verification”). The second organizationmay, via the BGV app 224 of the organization computing system 220,request the secondary verification. Thus, at step 328, the distributedledger interface server 270 may determine whether it has received therequest for the secondary verification, e.g., of a data value from theself-reported profile that has failed to satisfy the similaritythreshold. If this request has been received, the individual may becontacted (e.g., via a notification sent to user device 202) for consentto having the distributed ledger interface server 270 perform thesecondary verification. Also or alternatively, the individual may havepreviously agreed to allowing secondary verification, e.g., as part ofthe terms of using the distributed ledger interface server 270. At step330, the distributed ledger interface server 270 may determine whetherthe individual consents to the secondary verification.

If the individual consents to the secondary verification (e.g., bysending an electronic indication to the distributed ledger interfaceserver 270 via user device 202), the distributed ledger interface server270 may determine a data value source system that may be appropriate forthe secondary verification (e.g., as in step 332). As discussedpreviously, data value source systems 240 may comprise computingsystems, devices, and servers that may be the original source of thespecific data value being verified. Also or alternatively, the datavalue source systems 240 may be associated with organizations orinstitutions that may be the authority in determining the veracity ofthe data value being verified. For example, computing systems associatedwith the individual's alma mater may be a data value source system fordetermining the veracity of the individual's grades. In some aspects,determining the data value source systems may comprise determining,broadly, whether the data value comprises geographical information(e.g., identity and/or location of an employer, identity and/or locationof an educational institution, etc.) or an organizational information(e.g., job descriptions, remarks, performance evaluations, etc.). If thedata value source system concerns an organizational data value, thedistributed ledger interface server 270 may proceed to performing one ormore steps of method 400 described in FIG. 4. If the data value sourcesystem concerns an organizational data value, the distributed ledgerinterface server 270 may proceed to performing one or more steps ofmethod 500 described in FIG. 5.

If the individual does not consent to having the secondary verification,the distributed ledger interface server 270 may continue to reviewremaining data values identified from the self-reported profile againstthe individual-specific data structure, e.g., by determining whetherthere are any remaining data values in the self-reported profile in step334. If there are no more remaining data values identified from theparsing of the self-reported profile, the distributed ledger interfaceserver 270 may notify the completion of the verification, e.g., on BGVapp 224 of the second organization computing system 220 and/or BGV app206 of the user device 202.

As discussed previously, the background information may be categorizedand/or subcategorized into various background aspects. The backgroundaspects may include, for example, aspects of previous employment,academic and/or training aspects, legal information (e.g., criminal andcivil legal records), aspects about the individual's online profile,etc. As discussed previously, a data value may refer toindividual-specific data describing the background aspects qualitativelyand/or quantitatively. Furthermore, data values corresponding to abackground aspect may be confidential or sensitive for the individual.

Referring now to FIG. 4, one or more steps of method 400 may beperformed for secondary verification of a data value in theindividual-specific data structure that comprises organizationalinformation (e.g., job descriptions, remarks, performance evaluations,reasons for termination or hire, etc.). Thus, method 400 may beperformed after the distributed ledger interface server 270 determinesthat the data value needing secondary verification isorganization-specific (e.g., as in step 332).

At step 402, the distributed ledger interface may determine andestablish connections with the data value source system 240. In someaspects, for example, where the data value source system is already anode participant in the individual-specific data structure of thedistributed ledger, the data value source system 240 may already becommunicatively linked to the distributed ledger interface server 270.As discussed previously, a data value source system 240 may function asa source for data values for various background aspects of theindividual. A data value source system may comprise, for example, theeducational institution computing system 242 or the municipal computingsystem 256, as they may be the original source of theorganization-specific data value needing secondary verification (e.g., aGPA, a grade, a performance, a job description, a remark, a performanceevaluation, a reason for termination or hire, etc.). In some aspects,each data value stored in the individual-specific data structure mayinclude metadata identifying the source of the entry of the data value.The distributed ledger interface server 270 may use the metadata toidentify and/or connect to the data value source system 240 that was thesource of the data value. For example, a data value of “3.7”corresponding to the background aspect of “GPA” may include metadataidentifying a computing system associated with an educationalinstitution. If secondary verification for the GPA is requested, thedistributed ledger interface server 270 may determine and establishconnections with the computing system associated with the educationalinstitution.

The distributed ledger interface server 270 may query the determineddata value source system 240 for records pertaining to the individual(e.g., as in step 404). In some aspects metadata in the data value thatidentified the data value source system 240 may also include anidentifier of the individual used by the data value source system 240.The identifier may be presented in the query.

The data value source system 240 may indicate, and the distributedledger interface server 270 may receive the indication of, whether thereare records pertaining to the individual in the data value source system(e.g., as in step 406). The records may comprise any archival data(e.g., saved transcripts, employment records, etc.) about the individualthat may assist in determining the veracity and/or accuracy of the datavalue undergoing secondary verification. If there are no records, thesecondary verification of the data value may fail to proceed based onthe lack of records in the data value source system 240, and thisfailure may be indicated to the second organization computing system(e.g., as in step 407).

If records are found, the distributed ledger interface server 270 mayindicate, to the data value source system 240, the data value needingsecondary verification (e.g., as in step 408). For example, the datavalue needing secondary verification may include, but is not limited to,a date (e.g., as in step 410), a job description (e.g., as in step 416),or a grade (e.g., as in step 422). If a data value is a date to beverified, the distributed ledger interface server 270 may retrieve(e.g., after sending a request to the data value source system 240),dates associated with the individual (e.g., as in step 412). Forexample, the data value source system may be a computing systemassociated with a school that the individual had attended and may have,within its archives, dates of attendance by the individual. Thedistributed ledger interface server, at step 414 may compare the datesretrieved to the dates stored in the individual-specific data structure291 to see if they match (e.g., satisfy a similarity threshold). If thedates do match, the secondary verification of the data value may bedeemed successful by the distributed ledger interface server 270. If thedates do not match, the distributed ledger interface server 270 mayindicate this (e.g., a failure to meet secondary verification), at step415.

If the data value is a job description to be verified, the distributedledger interface server 270 may retrieve (e.g., after sending a requestto the data value source system 240), records associated with the jobduties of the individual (e.g., as in step 417). For example, the datavalue source system may be a computing system associated with a previousemployer of the individual and may have, within its archives, olderresumes submitted by the individual or work product from the individualproduced during the scope of employment.

At step 418, the distributed ledger interface server 270 may parse thejob description stored as the data value in the individual-specific datastructure and the records retrieved from the data value source system240 for key terms associated with job roles and functions. For example,the NLP system 278 may process any natural language text of the jobdescription and the records, and use learned data and machine learningalgorithms to recognize terms and phrases that correspond to specificjob roles (e.g., “finance,” “legal,” “manage,” “patent,” “drafting,”etc.). The identified terms from the job description stored in theindividual-specific data structure may be compared to the identifiedterms from the records to determine whether the two sets of identifiedterms match (e.g., satisfy a similarity threshold) (e.g., as in step420). If there is a match, the secondary verification of the data valuemay be deemed successful by the distributed ledger interface server 270.If there is not a match, the distributed ledger interface server 270 mayindicate this (e.g., a failure to meet secondary verification) at step421.

If a data value is a grade to be verified, the distributed ledgerinterface server 270 may retrieve and parse (e.g., after sending arequest to the data value source system 240), transcripts associatedwith the individual (e.g., as in step 424). For example, the data valuesource system may be a computing system associated with a school thatthe individual had attended and may have, within its archives,transcripts associated with the individual. The distributed ledgerinterface server, at step 426 may compare a grade in the retrievedtranscript to the grade stored in the individual-specific data structure291 to see if they match (e.g., satisfy a similarity threshold). If thegrades do match, the secondary verification of the data value may bedeemed successful by the distributed ledger interface server 270. If thedates do not match, the distributed ledger interface server 270 mayindicate this (e.g., a failure to meet secondary verification), at step427.

Referring now to FIG. 5, one or more steps of method 500 may beperformed for secondary verification of a data value in theindividual-specific data structure that comprises geographic information(e.g., identity and/or location of an employer, identity and/or locationof an educational institution, etc.). Thus, method 500 may be performedafter the distributed ledger interface server 270 determines that thedata value needing secondary verification is geography-specific (e.g.,as in step 332).

The distributed ledger interface server 270 may begin secondaryverification of a geography-specific data value stored in theindividual-specific data structure by determining whether the data valueis a physical address (e.g., as in step 502). If so, the physicaladdress may be inputted into the geocoding and/or geolocation APIs (“geoAPI” 277) at step 510. The geo API 277 may output what lies at thephysical address, e.g., by providing a map with premises on the physicaladdress, or identifying premises located on the physical address. Thedistributed ledger interface server 270 may thus use the geo API 277 toidentify the premises at the physical address (e.g., as in step 512).The individual-specific structure may include other information aboutthe individual that are associated with the physical address. Forexample, the individual-specific data structure may include data valuesidentifying an organization that has physical locations, such as thename of a previous employer having an office at a physical address orthe name of an educational institution previously attended having aphysical address. These identifiers of organizations may be stored asother data values in addition to the data value of the physical addressin the individual-specific data structure. Thus, the distributed ledgerinterface server 270 may determine whether there are other data valuesidentifying organizations, which may be associated with the physicaladdress in the individual-specific data structure (e.g., as in step513). The distributed ledger interface server 270 may determine whetherthe identified organizations match (e.g., satisfy a similaritythreshold) with the premises identified from the physical address. Forexample, the distributed ledger interface server 270 may compare namesof multiple organizations to the identified premises to determinewhether there is a match (e.g., as in step 514). In some aspects, thelist of names of organizations may be narrowed down or filtered based onadditional data values (e.g., dates) that make certain organizationsmore likely to be associated with the physical address than others. Ifat least one of the names of organizations matches the identifiedpremises, the secondary verification of the data value may be deemedsuccessful by the distributed ledger interface server 270. If there areno matches, the distributed ledger interface server 270 may indicatethis (e.g., a failure to meet secondary verification), at step 516.

Also or alternatively, the identified data value needing secondaryverification may comprise the name of an organization (e.g., as in step504). If so, the distributed ledger interface server 270 may determinepossible physical address candidate(s) for the identified organization,e.g., using the geo API (e.g., as in step 506). For example, the name ofthe organization may be inputted into the geo API 277. The geo API 277may output what possible physical address of the named organization,e.g., by providing a map locating the one or more physical addressesassociated with the organization, or identifying a physical address ofthe organization. The distributed ledger interface server 270 may thususe the geo API 277 to determine the physical address candidate(s) ofthe named organization. The individual-specific structure may includeone or more details regarding the physical address or location of theorganization (e.g., city and state of a previous employer or aneducational institution attended by the individual) (“locationdetails”). The location details may be stored as another data value inaddition to the data value of the name of the organization in theindividual-specific data structure. Thus, the distributed ledgerinterface server 270 may determine whether there are other data valuesidentifying location details of the named organization, in step 508). Atstep 509, the distributed ledger interface server 270 may determinewhether the location details stored as data values in theindividual-specific data structure match (e.g., satisfy a similaritythreshold) with the physical address of the named organizationidentified using the geo API 277. If there is a match, the secondaryverification of the data value may be deemed successful by thedistributed ledger interface server 270. If there is no match, thedistributed ledger interface server 270 may indicate this (e.g., afailure to meet secondary verification), at step 516.

If the identified data value is not a physical address and does notidentify an organization, the distributed ledger interface server 270may indicate, e.g., to the second organization computing system, thatthere is insufficient information for the secondary verification (e.g.,as in step 518). In some aspects, the user device 202 may be prompted toprovide additional information, e.g., to be added to the candidateprofile 228 of the second organization computing system.

Although examples are described above, features and/or steps of thoseexamples may be combined, divided, omitted, rearranged, revised, and/oraugmented in any desired manner. Various alterations, modifications, andimprovements will readily occur to those skilled in the art. Suchalterations, modifications, and improvements are intended to be part ofthis description, though not expressly stated herein, and are intendedto be within the spirit and scope of the disclosure. Accordingly, theforegoing description is by way of example only, and is not limiting.

What is claimed is:
 1. A method comprising: sending, via a communicationnetwork, by a distributed ledger interface system having at least oneprocessor and to a first computing device associated with a firstorganization, an indication that an individual that has membership tothe first organization is ending the membership to the firstorganization; unlocking, based on a command received from the firstcomputing device, access to an individual-specific data structure in adistributed ledger, wherein the individual-specific data structureallows storage of a plurality of data values corresponding to aplurality of background aspects of the individual; wherein theindividual-specific data structure stores a first data value of theplurality of data values corresponding to a first background aspect ofthe plurality of background aspects of the individual, and wherein thedistributed ledger is shared within a plurality of nodes within anetwork; providing, to a user device associated with the individual andbased on the unlocked access, a digital key associated with theindividual-specific data structure to allow permission to access theindividual-specific data structure; and granting, to a second computingdevice associated with a second organization, and based on a permissionreceived from the user device, access to the individual-specific datastructure.
 2. The method of claim 1, further comprising, prior to thesending the indication, creating, by the distributed ledger interfacesystem via the communication network, the individual-specific datastructure in the distributed ledger, wherein the individual-specificdata structure comprises one or more blocks; receiving, from a computingdevice associated with a node of the network, a request to enter thefirst data value corresponding to the first background aspect of theindividual; hashing, based on a cryptographic algorithm associated withthe distributed ledger, the first data value; receiving a verificationfrom each of the nodes of the network for the first data value; andrecording, in a first block of the one or more blocks of theindividual-specific data structure in the distributed ledger, the firstdata value corresponding to the first background aspect.
 3. The methodof claim 1, further comprising: receiving, by the distributed ledgerinterface system and from the second computing device, a request toperform a secondary verification of a given data value of the pluralityof data values corresponding to the plurality of background aspects ofthe individual; identifying a source computing system associated with asource of the given data value; establishing a connection with thesource computing system; and requesting, based on a verificationthreshold, a verification of the given data value.
 4. The method ofclaim 3, further comprising: receiving, from the source computingsystem, an indication that the given data value does not satisfy theverification threshold; and recording, in a second block of the one ormore blocks of the individual-specific data structure in the distributedledger, the indication that the given data value does not satisfy theverification threshold.
 5. The method of claim 3, wherein the sourcecomputing system comprises a geocoding application program interface(API), and the given data value is a geographic information.
 6. Themethod of claim 1, further comprising, prior to the granting the secondcomputing device access, causing the second computing device to send, tothe user device, a request to access the individual-specific datastructure in the distributed ledger; causing the user device to share,to the second computing device, the digital key; and generating a newdigital key associated with the individual-specific data structure toallow permission to access the individual-specific data structure. 7.The method of claim 1, further comprising, prior to the sending thefirst indication, receiving, via a communication network, by thedistributed ledger interface system and from the user device, theindication of ending membership to the first organization.
 8. The methodof claim 1, further comprising, prior to the unlocking the access to theindividual-specific data structure, providing, by the computing systemand to the first computing device, an option to unlock the access to theindividual-specific data structure; and receiving, by the computingsystem and from the first computing device, a command to unlock theaccess to the individual-specific data structure.
 9. The method of claim1, wherein the plurality of nodes comprises at least the first computingdevice and the second computing device.
 10. A system comprising: one ormore processors; and a memory storing computer-executable instructionsthat, when executed by the one or more processors, cause the system to:unlock access to an individual-specific data structure in a distributedledger, wherein the individual-specific data structure allows storage ofa plurality of data values corresponding to a plurality of backgroundaspects of the individual, wherein the individual-specific datastructure stores a first data value of the plurality of data valuescorresponding to a first background aspect of the plurality ofbackground aspects of the individual, wherein the distributed ledger isshared within a plurality of nodes within a network, and wherein theplurality of nodes includes at least a first computing device associatedwith a first organization; provide, to a user device associated with theindividual and based on the unlocked access, a digital key associatedwith the individual-specific data structure to allow the individual tocontrol access to the individual-specific data structure; grant, to asecond computing device associated with a second organization, and basedon permission received from the user device, access to theindividual-specific data structure; and send, via a communicationnetwork, to a first computing device associated with the firstorganization, an indication that the individual is ending membership tothe first organization.
 11. The system of claim 10, wherein the memorystores additional computer-executable instructions, which when executedby the one or more processors, cause the system to, prior to theunlocking the access to the individual-specific data structure, receive,from the first computing device, a command to unlock the access to theindividual-specific data structure.
 12. The system of claim 11, whereinthe memory stores additional computer-executable instructions, whichwhen executed by the one or more processors, cause the system to: createthe individual-specific data structure in the distributed ledger,wherein the individual-specific data structure comprises one or moreblocks; receive, from a computing device associated with a node of theplurality of nodes of the network, a request to enter the first datavalue corresponding to the first background aspect of the individual;hash, based on a cryptographic algorithm associated with the distributedledger, the first data value; receive a verification from each of thenodes of the network for the first data value; and record, in a firstblock of the one or more blocks of the individual-specific datastructure in the distributed ledger, the first data value correspondingto the first background aspect.
 13. The system of claim 12, wherein thememory stores additional computer-executable instructions, which whenexecuted by the one or more processors, cause the system to: receive,from the second computing device, a request to perform a secondaryverification of a given data value of the plurality of data valuescorresponding to the plurality of background aspects of the individual;identify a source computing system associated with a source of the givendata value; establish a connection with the source computing system; andrequest, based on a verification threshold, a verification of the givendata value.
 14. The system of 13, wherein the memory stores additionalcomputer-executable instructions, which when executed by the one or moreprocessors, cause the system to: receive, from the source computingsystem, an indication that the given data value does not satisfy theverification threshold; and record, in a second block of the one or moreblocks of the individual-specific data structure in the distributedledger, the indication that the given data value does not satisfy theverification threshold.
 15. One or more non-transitory media storinginstructions that, when executed by one or more processors, cause theone or more processors to perform steps comprising: receiving, via acommunication network and from a user device associated with anindividual, an indication that the individual that has membership to thefirst organization is ending the membership to the first organization;unlocking access to an individual-specific data structure in adistributed ledger, wherein the individual-specific data structureallows storage of a plurality of data values corresponding to theplurality of background aspects of the individual; wherein theindividual-specific data structure stores a first data value of theplurality of data values corresponding to a first background aspect ofthe plurality of background aspects of the individual, wherein thedistributed ledger is shared within a plurality of nodes within anetwork, and wherein the plurality of nodes includes at least a firstcomputing device associated with the first organization; providing, tothe user device and based on the unlocked access, a digital keyassociated with the individual-specific data structure to allowpermission to access the individual-specific data structure; andgranting, to a second computing device associated with a secondorganization, and based on a permission received from the user device,access to the individual-specific data structure.
 16. The one or morenon-transitory media of claim 15, storing instructions that, whenexecuted by the one or more processors, cause the one or more processorsto perform steps further comprising, prior to the sending theindication: creating the individual-specific data structure in thedistributed ledger, wherein the individual-specific data structurecomprises one or more blocks; receiving, from a computing deviceassociated with a node of the network, a request to enter the first datavalue corresponding to the first background aspect of the individual;hashing, based on a cryptographic algorithm associated with thedistributed ledger, the first data value; receiving a verification fromeach of the nodes of the network for the first data value; andrecording, in a first block of the one or more blocks of theindividual-specific data structure in the distributed ledger, the firstdata value corresponding to the first background aspect.
 17. The one ormore non-transitory media of claim 16, storing instructions that, whenexecuted by the one or more processors, cause the one or more processorsto perform steps further comprising: receiving, from the secondcomputing device, a request to perform a secondary verification of agiven data value of the plurality of data values corresponding to theplurality of background aspects of the individual; identifying a sourcecomputing system associated with a source of the given data value;establishing a connection with the source computing system; andrequesting, based on a verification threshold, a verification of thegiven data value.
 18. The one or more non-transitory media of claim 17,storing instructions that, when executed by the one or more processors,cause the one or more processors to perform steps further comprising:receiving, from the source computing system, an indication that thegiven data value does not satisfy the verification threshold; andrecording, in a second block of the one or more blocks of theindividual-specific data structure in the distributed ledger, theindication that the given data value does not satisfy the verificationthreshold.
 19. The one or more non-transitory media of claim 15, storinginstructions that, when executed by the one or more processors, causethe one or more processors to perform steps further comprising: causingthe second computing device to send, to the user device, a request toaccess the individual-specific data structure in the distributed ledger;causing the user device to share, to the second computing device, thedigital key; and generating a new digital key associated with theindividual-specific data structure to allow permission to access theindividual-specific data structure.
 20. The one or more non-transitorymedia of claim 15, storing instructions that, when executed by the oneor more processors, cause the one or more processors to perform stepsfurther comprising: after receiving the first indication, sending, via acommunication network, to the first computing device, the indication ofending the membership to the first organization; and prior to unlockingthe access to the individual-specific data structure, providing, to thefirst computing device, an option to unlock the access to theindividual-specific data structure; and receiving, from the firstcomputing device, the command to unlock the access to theindividual-specific data structure.